subversion.conf example 6.3 but with SSL

Amos Hayes ahayes at
Wed Mar 30 11:57:14 CST 2005


We run a subversion server and are security conscious. We want to  
ensure that authenticated access happens over SSL. We don't mind if  
that means non-authenticated access winds up requiring it as well.

"Example 6.3. A sample configuration for mixed authenticated/anonymous  
access." is quite handy but in order to get the idea of mixed anonymous  
and authenticated access to work with SSL, you need to tack in the  
"SSLOptions +StrictRequire" line *along with* the SSLRequireSSL  
directive. It took us a little while to figure this out, so it might be  
a handy example for the book. This saves having to go though the hassle  
of virtual hosts (as seen at  
<>) at the expense  
of requiring SSL for all repository connections.

<Location /svn>
    DAV svn
    SVNPath /home/svnroot

    Satisfy Any
    SSLOptions +StrictRequire
    Require valid-user

    AuthzSVNAccessFile /usr/local/apache2/conf.d/subversion_access

    AuthType Basic
    AuthName "SVN"
    AuthUserFile /usr/local/apache2/conf.d/

Amos Hayes
Geomatics and Cartographic Research Centre
Carleton University

More information about the svnbook-dev mailing list